-
-
Save QGB/2c561a681d50b9ab723e1fd3cc6a455e to your computer and use it in GitHub Desktop.
| http://192.168.1.111:23571/response.headers['Content-Type']='text/html'; | |
| response.headers['X-XSS-Protection']=0; | |
| r=''' | |
| <form method="post" action="http://192.168.1.111:23571/r=request.get_data"> | |
| <input type="text" name="t"> | |
| <input type="file" name="f"> | |
| <input type="submit" /> | |
| </form> | |
| ''' |
http://192.168.1.111:23571/r='''
<form method="post" enctype="multipart/form-data" action="http://192.168.1.111:23571/r=request.get_data();response.headers['Content-Type']='text/plain;charset=utf-8'">
<input type="text" name="t">
<input type="file" name="f">
<input type="submit" />
</form>
''';response.headers['Content-Type']='text/html';
‘’‘
python3.6 -c 'from qgb import N;N.rpcServer(ssl_context=("/etc/letsencrypt/live/okfw.net/cert.pem" ,"/etc/letsencrypt/live/okfw.net/privkey.pem"),port=443 ) '
’‘’
for i in py.No 死循环
url=f"http://{ip}:23571/import%20IPython;r=IPython.get_ipython().user_ns;r=r['dip_port']"
import ast,requests
dip_port=r=ast.literal_eval(requests.get(url).content.decode('utf-8'))
'''
url='http://192.168.1.111:23571/r=sys.q'
import ast,requests
r=ast.literal_eval(requests.get(url).content.decode('utf-8'))
'''
url=rf"""http://{ip}:23571/sys.a=r=T.json_loads(request.get_data());r=len(r)"""
import ast,requests
r=requests.post(url,json=duxa)
print(r.text)
app=_2[1]
execLocals=U.getDictItem( app._error_handlers[404] ) [1].closure[0].cell_contents.closure[3].cell_contents
Uh oh!
There was an error while loading. Please reload this page.